|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Ryan Russell (ryan
securityfocus.com)Date: Thu Jul 19 2001 - 18:14:43 CDT
On Thu, 19 Jul 2001, Mike Brockman wrote:
> >From what i read about the 'Code Red'-worm, it was supposed to be scanning
> for IIS-servers. It obviously is'nt, i believe it tries to infect
> everything they find on port 80, or something as simple as that.
>
Run nc -l -p 80 > worm, and you'll get a copy. It's not scanning
in any sense, it just tries a connect, and sends the string.
Ryan
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]